OverviewAuthentication

Create OAuth bearer token

<Note icon="fa-regular fa-circle-info"> **Note – Access tokens for embedded experiences require specific API key** Before calling this endpoint to obtain an access token for embedded experiences (second scenario above), you must obtain a dedicated API key. To do so, contact Mangopay <a href="https://hub.mangopay.com/" target="_blank">via the Dashboard</a>. Once you have the dedicated API key, encode it in the usual way by using Base64 to encode your Client ID and dedicated API key separated by a colon (`ClientId`:`ApiKey`). For more information, read the [OAuth 2.0 authentication guide](/api-reference/overview/authentication#oauth-2-0-authentication). </Note> Generate an OAuth bearer token to authenticate your API calls This endpoint allows your to generate a bearer token to authenticate subsequent API calls. There are two scenarios, one of which is handled for you if using the server-side SDKs. Firstly, this endpoint can be used to generates a bearer token to authenticate **all calls to the Mangopay API** as part of [OAuth 2.0 authentication](/api-reference/overview/authentication). The [server-side SDKs](/api-reference/overview/authentication#sdk-authentication) handle this first authentication scenario for you by generating and refreshing the token before expiry. Secondly, you can use a specific API key with this endpoint to generate a bearer token that subsequently allows you to generate another access token to initialize a Mangopay embedded experience. Once you have the bearer token, you can call one of two endpoints to obtain an access token: - [POST Create an access token for the Recipients embedded experience](/api-reference/overview/authentication/create-access-token-recipient) to obtain a token to run the Recipients frontend experience using Mangopay Elements - [POST Create an access token for Checkout SDK](/api-reference/overview/authentication/create-access-token-checkout) to obtain a token to initialize Checkout SDK with PayPal One-Click

Authentication

AuthorizationBearer
Bearer authentication of the form `Bearer <token>`, where token is your auth token. If your platform is using a [proxy](/guides/sca/proxy-management) to take SCA-triggering action on behalf of users, you also need to integrate [mTLS authentication](/guides/sca/platform) and use the `api-mtls` base URL.

Response

Success
access_tokenstring
The access token to use in the Authorization header of your subsequent API call.
token_typestring

Returned values: Bearer

The type of the token.

expires_ininteger
The number of seconds until the token expires.